EP3048757B1 - Authentication server testing method and system - Google Patents

Authentication server testing method and system Download PDF

Info

Publication number
EP3048757B1
EP3048757B1 EP14845212.1A EP14845212A EP3048757B1 EP 3048757 B1 EP3048757 B1 EP 3048757B1 EP 14845212 A EP14845212 A EP 14845212A EP 3048757 B1 EP3048757 B1 EP 3048757B1
Authority
EP
European Patent Office
Prior art keywords
tested
authentication server
authentication
certificate
monitor console
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP14845212.1A
Other languages
German (de)
French (fr)
Other versions
EP3048757A4 (en
EP3048757A1 (en
Inventor
Ya'nan HU
Bianling Zhang
Qianjun SHI
Guobing Yuan
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Iwncomm Co Ltd
Original Assignee
China Iwncomm Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Iwncomm Co Ltd filed Critical China Iwncomm Co Ltd
Publication of EP3048757A1 publication Critical patent/EP3048757A1/en
Publication of EP3048757A4 publication Critical patent/EP3048757A4/en
Application granted granted Critical
Publication of EP3048757B1 publication Critical patent/EP3048757B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Definitions

  • the disclosure relates to the technical field of communications, and in particular to a method and a system for testing an authentication server.
  • IP network Types of service based on the IP network become increasingly various, and involve national economy and all aspects of society.
  • a wireless IP network transmits data via radio wave so that the openness of the physical network reaches a new level. Therefore, secure access has become a key issue for the safe operation of a wired network and a wireless network.
  • a secure access system of the IP network mainly includes three network entities: a network terminal, an access point and an authentication server.
  • the network terminal makes a request of accessing a network to enjoy various resources provided by the network.
  • the access point is an edge device of the IP interconnection network and an entity to provide access service to a network user.
  • the authentication server is an entity to provide a service of user identity authentication.
  • the testing system of a product certification protocol in a wireless local network field mainly includes an interoperability testing system of WI-FI alliance for IEEE802.11 standard.
  • the system verifies the correctness of protocol implementation in a device to be tested by testing the communication performance and the interoperability between the device to be tested and a reference device, that is, the system tests a protocol conformance.
  • the testing system has the following disadvantages: the completeness of testing the device is not high in a case that the device is tested in a typical application environment that is the interoperability of a higher layer protocol, and there may be deviation of a test result.
  • the testing process is an interoperability testing which is similar to a black box testing, which only focuses on whether a final test result is successful; the testing process cannot be known, error location information in a case that the test is not passed cannot be given, and the accuracy of the test result may be affected seriously due to the correctness of the reference device implementation.
  • EP 1990972 A1 discloses a method for testing safety access protocol conformity to identification service entity. The method comprises following steps: checking whether certificates issued by identification service entity to be tested are conformed to specification or not; sending certificate identification request message to said entity by simulating identification applicant; capturing certificate identification response sent by said entity; gaining safety access protocol conformity test result by analyzing said certificate identification response.
  • a method and a system for testing an authentication server are provided according to embodiments of the disclosure, which can be used to test an authentication server produced by equipment manufacturers for the correctness and the conformance of implementing a roaming authentication protocol, with which roaming authentication protocol data is sent to the authentication server to be tested by simulating an access point and the authentication server, response data sent by the authentication server to be tested is captured, and the response data is analyzed in detail, so as to ensure that a product passing the test fully complies with the provisions of the wireless local network national standard and the interoperability.
  • the test result is accurate, test data is complete, and error location can be performed.
  • a method for testing an authentication server includes:
  • a system for testing an authentication server is further provided according to the present disclosure, which includes: a monitor console, including a certificate installation unit and a monitoring and processing unit, where
  • a certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested; the monitor console constructs and sends, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested; the monitor console captures response data sent by the authentication server to be tested, and performs comparative analysis to determine whether field information in the response data is consistent with locally stored respective information; and the monitor console displays that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, the monitor console displays comparative analysis information.
  • the monitor console sends the roaming authentication protocol data to the authentication server to be tested by simulating an access point and the authentication server, captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately.
  • the present disclosure has the following advantages: the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
  • Figure 1 is a method flowchart of a method for testing an authentication server according to a first embodiment of the present disclosure.
  • the method includes steps 101 to 105.
  • step 101 a certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested.
  • the installation is used to build a trust relationship between the monitor console and the authentication server to be tested.
  • the monitor console constructs and sends roaming authentication protocol data to the authentication server to be tested, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol.
  • the configuration type of the authentication server to be tested includes an home authentication server, an access authentication server and a center authentication server.
  • step 103 the monitor console captures response data sent by the authentication server to be tested, and performs comparative analysis to determine whether field information in the response data is consistent with locally stored respective information.
  • step 104 the monitor console displays that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information.
  • step 105 the monitor console displays comparative analysis information in a case that the field information in the response data is not completely consistent with the locally stored respective information.
  • the constructing and sending, by the monitor console, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested in step 102 may include: constructing, by the monitor console, based on the configuration type of the authentication server to be tested, a roaming certificate authentication request message, or, constructing and sending, by the monitor console, a certificate authentication request message to the authentication server to be tested.
  • the configuration type of the authentication server to be tested includes an home authentication server, an access authentication server and a center authentication server.
  • the capturing, by the monitor console, response data sent by the authentication server to be tested, and performing, by the monitor console, comparative analysis to determine whether field information in the response data is consistent with locally stored respective information in step 103 may include:
  • the monitor console sends the roaming authentication protocol data to the authentication server to be tested by simulating an access point and the authentication server, captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately.
  • the present disclosure has the following advantages: the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
  • a method for testing an authentication server according to the present disclosure is explained with a specific application scenario.
  • a method flowchart of a method for testing an authentication server as shown in Figure 2 may be referred to, in a case that the authentication server to be tested is configured to be an home authentication server.
  • the method includes steps 201 to 205.
  • step 201 the monitor console constructs and sends a roaming certificate authentication request message to the authentication server to be tested.
  • step 202 the monitor console captures a roaming certificate authentication response message sent by the authentication server to be tested.
  • the roaming certificate authentication request message may include: an identity of an authentication server (AS) trusted by a terminal, an authenticator entity (AE) inquiry, an authentication supplicant entity (ASUE) inquiry, a certificate of an authentication supplicant entity, a certificate of the authenticator entity, a certificate authentication result of the authenticator entity, a certificate of an access authentication service unit (ASU), an extended attribute, a message authentication and other fields, where the message authentication field is a signature by calculating a private key corresponding to a certificate of the monitor console which is installed in the authentication server to be tested.
  • AS authentication server
  • AE authenticator entity
  • ASUE authentication supplicant entity
  • ASU access authentication service unit
  • step 203 the monitor console performs comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with locally stored respective information.
  • the roaming certificate authentication response message may include: an identity of an access authentication server, a verification result of a certificate, a server signature trusted by the authentication supplicant entity, the certificate of the access authentication service unit, a server signature trusted by the authentication supplicant entity, the extended attribute, the message authentication and other fields.
  • step 203 may include:
  • step 204 the monitor console displays that the authentication server to be tested is tested successfully in a case that all the field information is consistent with the locally stored respective information.
  • step 205 the monitor console displays comparative analysis information in a case that not all the field information is consistent with the locally stored respective information.
  • the monitor console constructs and sends the roaming certificate authentication request message to the authentication server to be tested by simulating an AS, captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with the locally stored respective information.
  • the test result is more accurate, test data is more complete, and error location can be performed accurately.
  • the above-described testing method can ensure that a server passing the testing can fully comply with the wireless local network national standard and the interoperability.
  • a method for testing an authentication server according to the present disclosure is explained with a specific application scenario.
  • a method flowchart of a method for testing an authentication server as shown in Figure 3 may be referred to, in a case that the authentication server to be tested is configured to be an access authentication server.
  • the method includes steps 301 to 308.
  • step 301 a certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested.
  • step 302 the monitor console constructs and sends a certificate authentication request message to the authentication server to be tested.
  • step 303 the monitor console captures a roaming certificate authentication request message sent by the authentication server to be tested.
  • step 304 the monitor console performs comparative analysis to determine whether the roaming certificate authentication request message is consistent with locally stored respective information.
  • step 304 may include: checking, by the monitor console, whether a WAI version number of the roaming certificate authentication request message complies with the wireless local network national standard;
  • step 305 the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested in a case that all the field information is consistent with the locally stored respective information; otherwise, step 308 is executed.
  • the monitor console captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the field information in the certificate authentication response message is consistent with the locally stored respective information.
  • the performing comparative analysis to determine whether field information in the certificate authentication response message is consistent with the locally stored respective information in step 306 may include:
  • step 307 the monitor console displays that the authentication server to be tested is tested successfully in a case that all the field information is consistent with the locally stored respective information.
  • step 308 the monitor console displays comparative analysis information in a case that not all the field information is consistent with the locally stored respective information.
  • the monitor console constructs the certificate authentication request message by simulating the access point, captures a roaming certificate authentication request message sent by the authentication server to be tested, performs comparative analysis to determine whether the field content of the roaming certificate authentication request message is consistent with the locally stored respective information.
  • the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested, captures the certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the certificate authentication response message is consistent with the locally stored respective information.
  • a method for testing an authentication server according to the present disclosure is explained with a specific application scenario.
  • a method flowchart of a method for testing an authentication server as shown in Figure 4 may be referred to, in a case that the authentication server to be tested is configured to be a center authentication server.
  • the method includes steps 401 to 408.
  • step 401 a certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested.
  • step 402 the monitor console constructs and sends a roaming certificate authentication request message to the authentication server to be tested.
  • step 403 the monitor console captures a roaming certificate authentication request message sent by the authentication server to be tested.
  • step 404 the monitor console performs comparative analysis to determine whether field information in the captured roaming certificate authentication request message is consistent with the locally stored respective information.
  • step 404 may include:
  • step 405 the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested in a case that all the field information is consistent with the locally stored respective information; otherwise, step 408 is executed.
  • the monitor console captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the field information in the captured certificate authentication response message is consistent with the locally stored respective information.
  • the step 406 may include:
  • the monitor console performs comparative analysis to determine whether a field of a certificate of an access ASU in the roaming certificate authentication response message is consistent with a certificate of an AS trusted by an AP which is installed in the monitor console.
  • the monitor console performs comparative analysis to determine whether a field of a second signature of a server trusted by an authentication supplicant entity in the roaming certificate authentication response message is consistent with a field of a second signature of a server trusted by an authentication supplicant entity in the roaming certificate authentication response message sent by the monitor console to the authentication server to be tested.
  • the monitor console performs comparative analysis to determine whether a message authentication field in the roaming certificate authentication response message is consistent with a message authentication field in the roaming certificate authentication response message sent by the monitor console to the authentication server to be tested.
  • step 407 the monitor console displays that the authentication server to be tested is tested successfully in a case that all the field information is consistent with the locally stored respective information.
  • step 408 the monitor console displays comparative analysis information in a case that not all the field information is consistent with the locally stored respective information.
  • the monitor console constructs the roaming certificate authentication request message by simulating the access authentication server, captures a roaming certificate authentication request message sent by the authentication server to be tested, performs comparative analysis to determine whether the field content of the roaming certificate authentication request message is consistent with the locally stored respective information.
  • the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested, captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the field content of in the roaming certificate authentication response message is consistent with the locally stored respective information.
  • a system for testing an authentication server includes: a monitor console, including a certificate installation unit and a monitoring and processing unit, where
  • the monitor console sends, based on a configuration type of the authentication server to be tested, the roaming authentication protocol data to the authentication server to be tested by simulating an access point and the authentication server, the monitor console captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately.
  • the present disclosure has the following advantages: the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
  • a system for testing an authentication server is further provided according to the sixth embodiment.
  • Reference is made to a structural diagram of an authentication server system as shown in Figure 5 which includes a monitor console 501, a hub 502 and an authentication server to be tested 503, where the monitor console 501 and the authentication server to be tested 503 are connected to the hub 502.
  • the monitor console 501 includes a certificate installation unit and a monitoring and processing unit.
  • the certificate installation unit is configured to install a certificate of an authentication server to be tested.
  • the monitoring and processing unit is configured to construct and send, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested; capture response data sent by the authentication server to be tested, and perform comparative analysis to determine whether field information in the response data is consistent with the locally stored respective information; and display that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, the monitoring and processing unit displays comparative analysis information.
  • the server to be tested includes a module configured to install a certificate of the monitor console.
  • the authentication server to be tested 503 is configured to send response data according to a roaming authentication protocol, based on the received roaming authentication protocol data.
  • the monitoring and processing unit may include:
  • the monitoring and processing unit may include:
  • the monitoring and processing unit may include:
  • the monitoring and processing unit may include:
  • the server to be tested may include a module configured to install a certificate of the monitor console in a case that the monitor console tests the authentication server to be tested.
  • the monitor console sends the protocol data to the authentication server to be tested by simulating an access point, captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately.
  • the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
  • the program may be stored in a computer readable storage medium.
  • the program may include the steps of the above-described method embodiments when being executed.
  • the storage medium may include a magnetic disc, an optical disc, a read only memory (ROM), a random access memory (RAM) and so on.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Description

    FIELD
  • The disclosure relates to the technical field of communications, and in particular to a method and a system for testing an authentication server.
    • BACKGROUND
  • Types of service based on the IP network become increasingly various, and involve national economy and all aspects of society. A wireless IP network transmits data via radio wave so that the openness of the physical network reaches a new level. Therefore, secure access has become a key issue for the safe operation of a wired network and a wireless network.
  • A secure access system of the IP network mainly includes three network entities: a network terminal, an access point and an authentication server. The network terminal makes a request of accessing a network to enjoy various resources provided by the network. The access point is an edge device of the IP interconnection network and an entity to provide access service to a network user. The authentication server is an entity to provide a service of user identity authentication.
  • National standard for a wireless local area network is promulgated and implemented in 2003, an authentication mechanism is implemented with a WAPI protocol, and then the broadband wireless IP standard working group promulgates an extended roaming protocol specification.
  • Currently, the testing system of a product certification protocol in a wireless local network field mainly includes an interoperability testing system of WI-FI alliance for IEEE802.11 standard. The system verifies the correctness of protocol implementation in a device to be tested by testing the communication performance and the interoperability between the device to be tested and a reference device, that is, the system tests a protocol conformance. The testing system has the following disadvantages: the completeness of testing the device is not high in a case that the device is tested in a typical application environment that is the interoperability of a higher layer protocol, and there may be deviation of a test result. The testing process is an interoperability testing which is similar to a black box testing, which only focuses on whether a final test result is successful; the testing process cannot be known, error location information in a case that the test is not passed cannot be given, and the accuracy of the test result may be affected seriously due to the correctness of the reference device implementation.
  • EP 1990972 A1 discloses a method for testing safety access protocol conformity to identification service entity. The method comprises following steps: checking whether certificates issued by identification service entity to be tested are conformed to specification or not; sending certificate identification request message to said entity by simulating identification applicant; capturing certificate identification response sent by said entity; gaining safety access protocol conformity test result by analyzing said certificate identification response.
    • SUMMARY
  • In order to solve the above-described technical issue, a method and a system for testing an authentication server are provided according to embodiments of the disclosure, which can be used to test an authentication server produced by equipment manufacturers for the correctness and the conformance of implementing a roaming authentication protocol, with which roaming authentication protocol data is sent to the authentication server to be tested by simulating an access point and the authentication server, response data sent by the authentication server to be tested is captured, and the response data is analyzed in detail, so as to ensure that a product passing the test fully complies with the provisions of the wireless local network national standard and the interoperability. The test result is accurate, test data is complete, and error location can be performed.
  • A method for testing an authentication server is provided according to the present disclosure, which includes:
    • installing a certificate of an authentication server to be tested in a monitor console and installing a certificate of the monitor console in the authentication server to be tested, wherein the installation is used to build a trust relationship between the monitor console and the authentication server to be tested;
    • constructing and sending, by the monitor console, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested, wherein the roaming authentication protocol data is constructed based on the certificate of the monitor console which is installed in the authentication server to be tested;
    • capturing, by the monitor console, response data sent by the authentication server to be tested, and performing, by the monitor console according to the installed certificate of the authentication server to be tested, comparative analysis to determine whether field information in the response data is consistent with locally stored respective information; and
    • displaying that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, displaying, by the monitor console, comparative analysis information.
  • A system for testing an authentication server is further provided according to the present disclosure, which includes:
    a monitor console, including a certificate installation unit and a monitoring and processing unit, where
    • the certificate installation unit is configured to install a certificate of an authentication server to be tested, wherein a certificate of the monitor console is installed in the authentication server to be tested, and the installation is used to build a trust relationship between the monitor console and the authentication server to be tested;
    • the monitoring and processing unit is configured to construct and send, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested, wherein the roaming authentication protocol data is constructed based on the certificate of the monitor console which is installed in the authentication server to be tested; capture response data sent by the authentication server to be tested, and perform according to the installed certificate of the authentication server to be tested, comparative analysis to determine whether field information in the response data is consistent with the locally stored respective information; and display that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, the monitoring and processing unit displays comparative analysis information.
  • It can be seen from the above-described embodiments that, a method and a system for testing an authentication server are provided according to the embodiments of the present disclosure. A certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested; the monitor console constructs and sends, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested; the monitor console captures response data sent by the authentication server to be tested, and performs comparative analysis to determine whether field information in the response data is consistent with locally stored respective information; and the monitor console displays that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, the monitor console displays comparative analysis information. It can be seen from the present disclosure, the monitor console sends the roaming authentication protocol data to the authentication server to be tested by simulating an access point and the authentication server, captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately. Hence, compared with the conventional technology, the present disclosure has the following advantages: the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The drawings to be used in the description of embodiments of the disclosure or the conventional technology are described briefly as follows, so that technical solutions according to the embodiments of the present disclosure or according to the conventional technology become clearer. It is apparent that the drawings in the following description only illustrate some embodiments of the present disclosure. For those skilled in the art, other drawings may be obtained according to these drawings without any creative work.
    • Figure 1 is a method flowchart of a method for testing an authentication server according to a first embodiment of the present disclosure;
    • Figure 2 is a method flowchart of a method for testing an authentication server according to a second embodiment of the present disclosure;
    • Figure 3 is a method flowchart of a method for testing an authentication server according to a third embodiment of the present disclosure;
    • Figure 4 is a method flowchart of a method for testing an authentication server according to a fourth embodiment of the present disclosure; and
    • Figure 5 is a system structure drawing of a system for testing an authentication server according to a sixth embodiment of the present disclosure.
    DETAILED DESCRIPTION OF EMBODIMENTS
  • To make the above objects, features and advantages of the disclosure more apparent and easier to be understood, hereinafter specific embodiments of the disclosure are illustrated in detail in conjunction with the drawings.
    • First embodiment
  • Referring to Figure 1, Figure 1 is a method flowchart of a method for testing an authentication server according to a first embodiment of the present disclosure. The method includes steps 101 to 105.
  • In step 101, a certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested. The installation is used to build a trust relationship between the monitor console and the authentication server to be tested.
  • In step 102, the monitor console constructs and sends roaming authentication protocol data to the authentication server to be tested, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol. The configuration type of the authentication server to be tested includes an home authentication server, an access authentication server and a center authentication server.
  • In step 103, the monitor console captures response data sent by the authentication server to be tested, and performs comparative analysis to determine whether field information in the response data is consistent with locally stored respective information.
  • In step 104, the monitor console displays that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information.
  • In step 105, the monitor console displays comparative analysis information in a case that the field information in the response data is not completely consistent with the locally stored respective information.
  • Preferably, the constructing and sending, by the monitor console, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested in step 102 may include:
    constructing, by the monitor console, based on the configuration type of the authentication server to be tested, a roaming certificate authentication request message, or, constructing and sending, by the monitor console, a certificate authentication request message to the authentication server to be tested. The configuration type of the authentication server to be tested includes an home authentication server, an access authentication server and a center authentication server.
  • Preferably, the capturing, by the monitor console, response data sent by the authentication server to be tested, and performing, by the monitor console, comparative analysis to determine whether field information in the response data is consistent with locally stored respective information in step 103 may include:
    • capturing, by the monitor console, a roaming certificate authentication response message sent by the authentication server to be tested, or, capturing, by the monitor console, a roaming certificate authentication request message sent by the authentication server to be tested; and
    • performing, by the monitor console, comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with locally stored respective information, and/or, performing, by the monitor console, comparative analysis to determine whether field information in the roaming certificate authentication request message is consistent with locally stored respective information.
  • It can be seen from the above-described embodiment that, according to the present disclosure, the monitor console sends the roaming authentication protocol data to the authentication server to be tested by simulating an access point and the authentication server, captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately. Hence, compared with the conventional technology, the present disclosure has the following advantages: the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
    • Second embodiment
  • A method for testing an authentication server according to the present disclosure is explained with a specific application scenario. For the method for testing the authentication server, a method flowchart of a method for testing an authentication server as shown in Figure 2 may be referred to, in a case that the authentication server to be tested is configured to be an home authentication server. The method includes steps 201 to 205.
  • In step 201, the monitor console constructs and sends a roaming certificate authentication request message to the authentication server to be tested.
  • In step 202, the monitor console captures a roaming certificate authentication response message sent by the authentication server to be tested.
  • Preferably, the roaming certificate authentication request message may include: an identity of an authentication server (AS) trusted by a terminal, an authenticator entity (AE) inquiry, an authentication supplicant entity (ASUE) inquiry, a certificate of an authentication supplicant entity, a certificate of the authenticator entity, a certificate authentication result of the authenticator entity, a certificate of an access authentication service unit (ASU), an extended attribute, a message authentication and other fields, where the message authentication field is a signature by calculating a private key corresponding to a certificate of the monitor console which is installed in the authentication server to be tested.
  • In step 203, the monitor console performs comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with locally stored respective information.
  • Preferably, the roaming certificate authentication response message may include: an identity of an access authentication server, a verification result of a certificate, a server signature trusted by the authentication supplicant entity, the certificate of the access authentication service unit, a server signature trusted by the authentication supplicant entity, the extended attribute, the message authentication and other fields.
  • Preferably, step 203 may include:
    • checking, by the monitor console, whether a WLAN Authentication Infrastructure (WAI) version number of the roaming certificate authentication response message complies with the wireless local network national standard;
    • checking, by the monitor console, whether a name of an access AS in the roaming certificate authentication response message is consistent with a name of a holder of an access AS certificate which is installed in an AP;
    • performing comparative analysis, by the monitor console, to determine whether a field content of a terminal certificate of a field of a certificate verification result in the roaming certificate authentication response message is the same as content of locally stored terminal certificate, and checking whether a value of a code field of the verification result of a certificate of the terminal is valid;
    • performing comparative analysis, by the monitor console, to determine whether the certificate of the access ASU in roaming certificate authentication response message is the same as a certificate of the access ASU in the roaming certificate authentication request message sent by the monitor console;
    • performing comparative analysis, by the monitor console, to determine whether content of a certificate field in content of a message authentication field in the roaming certificate authentication response message is consistent with content of an AS certificate which is installed in the monitor console and trusted by the client; and
    • verifying, by the monitor console, whether a signature field of the content of the message authentication field in the roaming certificate authentication response message and a signature field ahead the message authentication field in the roaming certificate authentication response message are correct. The signature value is validated by using a public key of the installed certificate of an authentication server to be tested.
  • In step 204, the monitor console displays that the authentication server to be tested is tested successfully in a case that all the field information is consistent with the locally stored respective information.
  • In step 205, the monitor console displays comparative analysis information in a case that not all the field information is consistent with the locally stored respective information.
  • It can be seen from the above-described embodiment that, in a case that the authentication server to be tested is configured to be an home authentication server, the monitor console constructs and sends the roaming certificate authentication request message to the authentication server to be tested by simulating an AS, captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with the locally stored respective information. In this way of analyzing the response data, the test result is more accurate, test data is more complete, and error location can be performed accurately. The above-described testing method can ensure that a server passing the testing can fully comply with the wireless local network national standard and the interoperability.
    • Third embodiment
  • A method for testing an authentication server according to the present disclosure is explained with a specific application scenario. For the method for testing the authentication server, a method flowchart of a method for testing an authentication server as shown in Figure 3 may be referred to, in a case that the authentication server to be tested is configured to be an access authentication server. The method includes steps 301 to 308.
  • In step 301, a certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested.
  • In step 302, the monitor console constructs and sends a certificate authentication request message to the authentication server to be tested.
  • In step 303, the monitor console captures a roaming certificate authentication request message sent by the authentication server to be tested.
  • In step 304, the monitor console performs comparative analysis to determine whether the roaming certificate authentication request message is consistent with locally stored respective information.
  • Preferably, step 304 may include: checking, by the monitor console, whether a WAI version number of the roaming certificate authentication request message complies with the wireless local network national standard;
    • performing comparative analysis, by the monitor console, to determine whether a name of an authentication server trusted by a terminal in the roaming certificate authentication request message is consistent with a name of a holder of a certificate of an authentication server which is installed in the monitor console and trusted by a terminal;
    • performing comparative analysis, by the monitor console, to determine whether a certificate of an STAasue in the roaming certificate authentication request message is consistent with a certificate of a terminal user which is installed in the monitor console;
    • performing comparative analysis, by the monitor console, to determine whether a certificate of an STAae in the roaming certificate authentication request message is consistent with a certificate of a user of an access point (AP) which is installed in the monitor console;
    • performing comparative analysis, by the monitor console, to determine whether a certificate of an access authentication server unit in the roaming certificate authentication request message is consistent with a certificate of an authentication service unit which is installed in the monitor console and trusted by the AP;
    • performing comparative analysis, by the monitor console, to determine whether a certificate field of a content field of a message authentication in the roaming certificate authentication request message is consistent with the certificate of the authentication service unit which is installed in the monitor console and trusted by the AP; and
    • verifying, by the monitor console, to determine whether a signature filed of the content field of the message authentication in the roaming certificate authentication request message and a field ahead the message authentication field in the roaming certificate authentication request message are correct.
  • In step 305, the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested in a case that all the field information is consistent with the locally stored respective information; otherwise, step 308 is executed.
  • In step 306, the monitor console captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the field information in the certificate authentication response message is consistent with the locally stored respective information.
  • Preferably, the performing comparative analysis to determine whether field information in the certificate authentication response message is consistent with the locally stored respective information in step 306 may include:
    • checking, by the monitor console, whether a WAI version number of the certificate authentication response message complies with the wireless local network national standard;
    • performing comparative analysis, by the monitor console, to determine whether content of a terminal certificate field in a certificate authentication result information field in the certificate authentication response message is the same as content of locally stored terminal certificate, and checking whether a code field of a verification result of the terminal certificate is valid;
    • performing comparative analysis, by the monitor console, to determine whether content of an access point certificate field in the certificate authentication result information field in the certificate authentication response message is the same as content of locally stored access point certificate, and checking whether a code field of a verification result of the access point certificate is valid; and
    • verifying, by the monitor console, whether a signature field of a server trusted by an authenticator entity in the certificate authentication response message and a data field ahead the signature field are correct.
  • In step 307, the monitor console displays that the authentication server to be tested is tested successfully in a case that all the field information is consistent with the locally stored respective information.
  • In step 308, the monitor console displays comparative analysis information in a case that not all the field information is consistent with the locally stored respective information.
  • It can be seen from the above-described embodiment that, in a case that the authentication server to be tested is configured to be an access authentication server, the monitor console constructs the certificate authentication request message by simulating the access point, captures a roaming certificate authentication request message sent by the authentication server to be tested, performs comparative analysis to determine whether the field content of the roaming certificate authentication request message is consistent with the locally stored respective information. In a case that the field information is completely consistent with the locally stored respective information, the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested, captures the certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the certificate authentication response message is consistent with the locally stored respective information. By performing comparative analysis on the response data in the authentication server to be tested twice, it is tested accurately whether the authentication server to be tested complies with the wireless local network national standard and the interoperability. In this way of analyzing the response data, the test result is more accurate, test data is more complete, and error location can be performed accurately.
    • Fourth embodiment
  • A method for testing an authentication server according to the present disclosure is explained with a specific application scenario. For the method for testing the authentication server, a method flowchart of a method for testing an authentication server as shown in Figure 4 may be referred to, in a case that the authentication server to be tested is configured to be a center authentication server. The method includes steps 401 to 408.
  • In step 401, a certificate of an authentication server to be tested is installed in a monitor console and a certificate of the monitor console is installed in the authentication server to be tested.
  • In step 402, the monitor console constructs and sends a roaming certificate authentication request message to the authentication server to be tested.
  • In step 403, the monitor console captures a roaming certificate authentication request message sent by the authentication server to be tested.
  • In step 404, the monitor console performs comparative analysis to determine whether field information in the captured roaming certificate authentication request message is consistent with the locally stored respective information.
  • Preferably, step 404 may include:
    • checking whether a WAI version number of the roaming certificate authentication request message complies with the wireless local network national standard;
    • performing comparative analysis to determine whether a name of an authentication server trusted by a terminal in the roaming certificate authentication request message is consistent with a name of a holder of a certificate of an authentication server which is installed in the monitor console and trusted by a terminal;
    • performing comparative analysis, by the monitor console, to determine whether an ADDID field in the roaming certificate authentication request message is consistent with an ADDID field in the roaming certificate authentication request message sent by the monitor console to the authentication server to be tested;
    • performing comparative analysis, by the monitor console, to determine whether an authenticator entity inquiry field in the roaming certificate authentication request message is consistent with an authenticator entity inquiry field in the roaming certificate authentication request message sent by the monitor console to the authentication server to be tested;
    • performing comparative analysis, by the monitor console, to determine whether an ASUE inquiry field in the roaming certificate authentication request message is consistent with an ASUE inquiry field in the roaming certificate authentication request message sent by the monitor console to the authentication server to be tested;
    • performing comparative analysis, by the monitor console, to determine whether a field of a certificate of an STAasue in the roaming certificate authentication request message is consistent with a certificate of a terminal user which is installed in the monitor console;
    • performing comparative analysis, by the monitor console, to determine whether the field of the certificate of the STAae in the roaming certificate authentication request message is consistent with a certificate of a user of an AP which is installed in the monitor console;
    • performing comparative analysis, by the monitor console, to determine whether an authentication result of the certificate of the STAae in the roaming certificate authentication request message is consistent with an authentication result of a certificate of an STAae in the roaming certificate authentication request message sent by the monitor console to the authentication server to be tested;
    • performing comparative analysis, by the monitor console, to determine whether a field of a certificate of an access ASU in the roaming certificate authentication request message is consistent with a certificate of an authentication server trusted by an AP which is installed in the monitor console; and
    • performing comparative analysis, by the monitor console, to determine whether a message authentication field in the roaming certificate authentication request message is consistent with a message authentication field in the roaming certificate authentication request message sent by the monitor console to the authentication server to be tested.
  • In step 405, the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested in a case that all the field information is consistent with the locally stored respective information; otherwise, step 408 is executed.
  • In step 406, the monitor console captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the field information in the captured certificate authentication response message is consistent with the locally stored respective information.
  • Preferably, the step 406 may include:
    • checking, by the monitor console, whether a WAI version number of the roaming certificate authentication response message complies with the standard;
    • checking, by the monitor console, whether a name of an access authentication server in the roaming certificate authentication response message is consistent with a name of a holder of a certificate of an authentication server which is installed in the monitor console and trusted by an AP;
    • performing comparative analysis, by the monitor console, to determine whether an ADDID field in the roaming certificate authentication response message is consistent with an ADDID field in the roaming certificate authentication response message sent by the monitor console to the authentication server to be tested;
    • performing comparative analysis, by the monitor console, to determine whether a field of a certificate verification result in the roaming authentication response message is consistent with a field of a certificate verification result in the roaming authentication response message sent by the monitor console to the authentication server to be tested; and
    • performing comparative analysis, by the monitor console, to determine whether a field of a first signature of a server trusted by an authentication supplicant entity in the roaming certificate authentication response message is consistent with a field of a first signature of a server trusted by an authentication supplicant entity in the roaming certificate authentication response message sent by the monitor console to the authentication server to be tested.
  • The monitor console performs comparative analysis to determine whether a field of a certificate of an access ASU in the roaming certificate authentication response message is consistent with a certificate of an AS trusted by an AP which is installed in the monitor console.
  • The monitor console performs comparative analysis to determine whether a field of a second signature of a server trusted by an authentication supplicant entity in the roaming certificate authentication response message is consistent with a field of a second signature of a server trusted by an authentication supplicant entity in the roaming certificate authentication response message sent by the monitor console to the authentication server to be tested.
  • The monitor console performs comparative analysis to determine whether a message authentication field in the roaming certificate authentication response message is consistent with a message authentication field in the roaming certificate authentication response message sent by the monitor console to the authentication server to be tested.
  • In step 407, the monitor console displays that the authentication server to be tested is tested successfully in a case that all the field information is consistent with the locally stored respective information.
  • In step 408, the monitor console displays comparative analysis information in a case that not all the field information is consistent with the locally stored respective information.
  • It can be seen from the above-described embodiment that, in a case that the authentication server to be tested is configured to be the center authentication server, the monitor console constructs the roaming certificate authentication request message by simulating the access authentication server, captures a roaming certificate authentication request message sent by the authentication server to be tested, performs comparative analysis to determine whether the field content of the roaming certificate authentication request message is consistent with the locally stored respective information. In a case that the field information is completely consistent with the locally stored respective information, the monitor console constructs and sends a roaming certificate authentication response message to the authentication server to be tested, captures the roaming certificate authentication response message sent by the authentication server to be tested, and performs comparative analysis to determine whether the field content of in the roaming certificate authentication response message is consistent with the locally stored respective information. By performing comparative analysis on the response data in the authentication server to be tested twice, it is tested accurately whether the authentication server to be tested complies with the wireless local network national standard and the interoperability. In this way of analyzing the response data, the test result is more accurate, test data is more complete, and error location can be performed accurately.
    • Fifth embodiment
  • For the method for testing an authentication server according to the first embodiment, a system for testing an authentication server is provided according to the fifth embodiment, which includes:
    a monitor console, including a certificate installation unit and a monitoring and processing unit, where
    • the certificate installation unit is configured to install a certificate of an authentication server to be tested;
    • the monitoring and processing unit is configured to construct and send, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested; capture response data sent by the authentication server to be tested, and perform comparative analysis to determine whether field information in the response data is consistent with the locally stored respective information; and display that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, the monitoring and processing unit displays comparative analysis information.
  • It can be seen from the above-described embodiment that, in the system for testing the authentication server according to the present disclosure, the monitor console sends, based on a configuration type of the authentication server to be tested, the roaming authentication protocol data to the authentication server to be tested by simulating an access point and the authentication server, the monitor console captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately. Hence, compared with the conventional technology, the present disclosure has the following advantages: the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
    • Sixth embodiment
  • To explain the system for testing the authentication server according to the present disclosure in detail, a system for testing an authentication server is further provided according to the sixth embodiment. Reference is made to a structural diagram of an authentication server system as shown in Figure 5, which includes a monitor console 501, a hub 502 and an authentication server to be tested 503, where the monitor console 501 and the authentication server to be tested 503 are connected to the hub 502. The monitor console 501 includes a certificate installation unit and a monitoring and processing unit. The certificate installation unit is configured to install a certificate of an authentication server to be tested. The monitoring and processing unit is configured to construct and send, based on a configuration type of the authentication server to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested; capture response data sent by the authentication server to be tested, and perform comparative analysis to determine whether field information in the response data is consistent with the locally stored respective information; and display that the authentication server to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, the monitoring and processing unit displays comparative analysis information.
  • The server to be tested includes a module configured to install a certificate of the monitor console.
  • The authentication server to be tested 503 is configured to send response data according to a roaming authentication protocol, based on the received roaming authentication protocol data.
  • Preferably, the monitoring and processing unit may include:
    • a constructing module configured to construct, based on the configuration type of the authentication server to be tested, a roaming certificate authentication request message, or, construct and send a certificate authentication request message to the authentication server to be tested,
      where the configuration type of the authentication server to be tested includes an home authentication server, an access authentication server and a center authentication server;
    • a capturing module configured to capture a roaming certificate authentication response message sent by the authentication server to be tested, or, capture a roaming certificate authentication request message sent by the authentication server to be tested; and
    • a comparison module configured to perform comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with locally stored respective information, and/or, perform comparative analysis to determine whether field information in the roaming certificate authentication request message is consistent with the locally stored respective information.
  • Preferably, in a case that the authentication server to be tested is configured to be an home authentication server, the monitoring and processing unit may include:
    • a first constructing module configured to construct and send a roaming certificate authentication request message to the authentication server to be tested;
    • a first capturing module configured to capture a roaming certificate authentication response message sent by the authentication server to be tested;
    • a first comparison module configured to perform comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with the locally stored respective information; and
    • a first display module configured to display that the authentication server to be tested is tested successfully in a case that all the field information in the first comparison module is consistent with the locally stored respective information; otherwise, the first display module displays comparative analysis information.
  • Preferably, in a case that the authentication server to be tested is configured to be an access authentication server, the monitoring and processing unit may include:
    • a second constructing module configured to construct and send a certificate authentication request message to the authentication server to be tested;
    • a second capturing module configured to capture a roaming certificate authentication request message sent by the authentication server to be tested;
    • a second comparison module configured to perform comparative analysis to determine whether the roaming certificate authentication request message is consistent with the locally stored respective information;
    • a third constructing module configured to construct and send a roaming certificate authentication response message to the authentication server to be tested in a case that all the field information in the second comparison module is consistent with the locally stored respective information;
    • a third capturing module configured to capture a certificate authentication response message sent by the authentication server to be tested;
    • a third comparison module configured to perform comparative analysis to determine whether field information in the certificate authentication response message is consistent with the locally stored respective information; and
    • a second display module configured to display that the authentication server to be tested is tested successfully in a case that all the field information in the third comparison module is completely consistent with the locally stored respective information; otherwise, the second display module displays comparative analysis information.
  • Preferably, in a case that the authentication server to be tested is configured to be a center authentication server, the monitoring and processing unit may include:
    • a fourth constructing module configured to construct and send a roaming certificate authentication request message to the authentication server to be tested;
    • a fourth capturing module configured to capture a roaming certificate authentication request message sent by the authentication server to be tested;
    • a fourth comparison module configured to perform comparative analysis to determine whether field information in the captured roaming certificate authentication request message is consistent with the locally stored respective information;
    • a fifth constructing module configured to construct and send a roaming certificate authentication response message to the authentication server to be tested in a case that all the field information in the fourth comparison module is consistent with the locally stored respective information;
    • a fifth capturing module configured to capture a roaming certificate authentication response message sent by the authentication server to be tested;
    • a fifth comparison module configured to perform comparative analysis to determine whether field information in the captured roaming certificate authentication response message is consistent with the locally stored respective information; and
    • a third display module configured to display that the authentication server to be tested is tested successfully in a case that all the field information in the fifth comparison module is consistent with the locally stored respective information; otherwise, the third display module displays comparative analysis information.
  • Preferably, the server to be tested may include a module configured to install a certificate of the monitor console in a case that the monitor console tests the authentication server to be tested.
  • It can be seen from the above-described embodiment that, in the system for testing the authentication server according to the present disclosure, the monitor console sends the protocol data to the authentication server to be tested by simulating an access point, captures the response data sent by the authentication server to be tested, performs comparative analysis on the response data, determines whether the testing is successful, and displays the comparative analysis information in a case that the testing is unsuccessful, and thus error location can be performed accurately. In the system for testing the authentication server, the related protocol data is captured and completely analyzed so that a test result is more accurate; a testing process includes a complete data capturing analysis, detailed information on the protocol data in the device to be tested may be given so that test data is more complete; and a microtest is performed on an execution process of the protocol so that an error in protocol implementation may be located accurately.
  • It can be understood by those skilled in the art that all or a part of steps of the above-described embodiment methods may be realized by hardware which is instructed by a computer program. The program may be stored in a computer readable storage medium. The program may include the steps of the above-described method embodiments when being executed. The storage medium may include a magnetic disc, an optical disc, a read only memory (ROM), a random access memory (RAM) and so on.
  • It should be noted that the relationship terminologies such as "first", "second" and the like are only used herein to distinguish one entity or operation from another, rather than to necessitate or imply that an actual relationship or order exists between the entities or operations. Furthermore, terms of "include", "comprise" or any other variants are intended to be non-exclusive. Therefore, a process, method, article or device including a plurality of elements includes not only the disclosed elements but also other elements that are not clearly enumerated, or also include inherent elements of the process, method, article or device. Unless expressively limited otherwise, the statement "including a..." does not exclude the case that other similar elements may exist in the process, method, article or device other than enumerated elements.
  • The method and the system for testing an authentication server according to the embodiments of the disclosure are introduced in detail above, the principles and implementing ways of the disclosure are clarified with specific examples, and the above illustration of the embodiments is only intended to help to understand the method and core concept of disclosure. In addition, those skilled in the art may make some changes to the specific embodiments and the application scope based on the concept of the disclosure. In summary, the specification should not be construed as limiting the disclosure.

Claims (12)

  1. A method for testing an authentication server, comprising:
    installing a certificate of an authentication server (503) to be tested in a monitor console (501) and installing a certificate of the monitor console (501) in the authentication server (503) to be tested, wherein the installation is used to build a trust relationship between the monitor console (501) and the authentication server (503) to be tested;
    constructing and sending, by the monitor console (501), based on a configuration type of the authentication server (503) to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server (503) to be tested, wherein the roaming authentication protocol data is constructed based on the certificate of the monitor console (501) which is installed in the authentication server (503) to be tested;
    capturing, by the monitor console, response data sent by the authentication server (503) to be tested, and performing, by the monitor console (501) according to the installed certificate of the authentication server (503) to be tested, comparative analysis to determine whether field information in the response data is consistent with locally stored respective information; and
    displaying that the authentication server (503) to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, displaying, by the monitor console, comparative analysis information.
  2. The method according to claim 1, wherein the constructing and sending, by the monitor console (501), based on a configuration type of the authentication server (503) to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server (503) to be tested comprises:
    constructing, by the monitor console (501), based on the configuration type of the authentication server (503) to be tested, a roaming certificate authentication request message, or, constructing and sending, by the monitor console (501), a certificate authentication request message to the authentication server (503) to be tested, wherein the configuration type of the authentication server (503) to be tested comprises a home authentication server, an access authentication server and a center authentication server.
  3. The method according to claim 1, wherein the capturing, by the monitor console (501), response data sent by the authentication server (503) to be tested, and performing, by the (501) monitor console, comparative analysis to determine whether field information in the response data is consistent with locally stored respective information comprises:
    capturing, by the monitor console, a roaming certificate authentication response message sent by the authentication server (503) to be tested, or, capturing, by the monitor console (501), a roaming certificate authentication request message sent by the authentication server (503) to be tested; and
    performing, by the monitor console, comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with locally stored respective information, and/or, performing, by the monitor console, comparative analysis to determine whether field information in the roaming certificate authentication request message is consistent with locally stored respective information.
  4. The method according to claim 1, wherein in a case that the authentication server (503) to be tested is configured to be a home authentication server, the monitor console (501) constructs and sends a roaming certificate authentication request message to the authentication server (503) to be tested;
    the monitor console captures a roaming certificate authentication response message sent by the authentication server (503) to be tested;
    the monitor console (501) performs comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with the locally stored respective information; and
    the monitor console displays that the authentication server (503) to be tested is tested successfully in a case that all the field information is consistent with the locally stored respective information; otherwise, the monitor console (501) displays comparative analysis information.
  5. The method according to claim 1, wherein in a case that the authentication server to be tested is configured to be an access authentication server, the monitor console constructs and sends a certificate authentication request message to the authentication server (503) to be tested;
    the monitor console (501) captures a roaming certificate authentication request message sent by the authentication server (503) to be tested;
    the monitor console (501) performs comparative analysis to determine whether the roaming certificate authentication request message is consistent with the locally stored respective information;
    the monitor console (501) constructs and sends a roaming certificate authentication response message to the authentication server (503) to be tested in a case that all the field information is consistent with the locally stored respective information;
    the monitor console (501) captures a certificate authentication response message sent by the authentication server (503) to be tested, and performs comparative analysis to determine whether field information in the certificate authentication response message is consistent with the locally stored respective information; and
    the monitor console (501) displays that the authentication server (503) to be tested is tested successfully in a case that all the field information is completely consistent with the locally stored respective information; otherwise, the monitor console (501) displays comparative analysis information.
  6. The method according to claim 1, wherein in a case that the authentication server (503) to be tested is configured to be a center authentication server, the monitor console (501) constructs and sends a roaming certificate authentication request message to the authentication server (503) to be tested;
    the monitor console (501) captures a roaming certificate authentication request message sent by the authentication server (503) to be tested;
    the monitor console (501) performs comparative analysis to determine whether field information in the captured roaming certificate authentication request message is consistent with the locally stored respective information;
    the monitor console (501) constructs and sends a roaming certificate authentication response message to the authentication server (503) to be tested in a case that all the field information is consistent with the locally stored respective information;
    the monitor console (501) captures a roaming certificate authentication response message sent by the authentication server (503) to be tested;
    the monitor console (501) performs comparative analysis to determine whether field information in the captured roaming certificate authentication response message is consistent with the locally stored respective information; and
    the monitor console (501) displays that the authentication server (503) to be tested is tested successfully in a case that all the field information is completely consistent with the locally stored respective information; otherwise, the monitor console displays comparative analysis information.
  7. A system for testing an authentication server, comprising:
    a monitor console (501), comprising a certificate installation unit and a monitoring and processing unit, wherein
    the certificate installation unit is configured to install a certificate of an authentication server (503) to be tested, wherein a certificate of the monitor console (501) is installed in the authentication server (503) to be tested, and the installation is used to build a trust relationship between the monitor console (501) and the authentication server (503) to be tested;
    the monitoring and processing unit is configured to construct and send, based on a configuration type of the authentication server (503) to be tested, according to a roaming authentication protocol, roaming authentication protocol data to the authentication server to be tested, wherein the roaming authentication protocol data is constructed based on the certificate of the monitor console (501) which is installed in the authentication server (503) to be tested; capture response data sent by the authentication server (503) to be tested, and perform, according to the installed certificate of the authentication server to be tested, comparative analysis to determine whether field information in the response data is consistent with the locally stored respective information; and display that the authentication server (503) to be tested is tested successfully in a case that the field information in the response data is completely consistent with the locally stored respective information; otherwise, the monitoring and processing unit displays comparative analysis information.
  8. The system according to claim 7, wherein the monitoring and processing unit comprises:
    a constructing module configured to construct, based on the configuration type of the authentication server (503) to be tested, a roaming certificate authentication request message, or, construct and send a certificate authentication request message to the authentication server (503) to be tested, wherein the configuration type of the authentication server (503) to be tested comprises a home authentication server, an access authentication server and a center authentication server;
    a capturing module configured to capture a roaming certificate authentication response message sent by the authentication server (503) to be tested, or, capture a roaming certificate authentication request message sent by the authentication server (503) to be tested; and
    a comparison module configured to perform comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with locally stored respective information, and/or, perform comparative analysis to determine whether field information in the roaming certificate authentication request message is consistent with the locally stored respective information.
  9. The system according to claim 7, wherein in a case that the authentication server (503) to be tested is configured to be a home server, the monitoring and processing unit comprises:
    a first constructing module configured to construct and send a roaming certificate authentication request message to the authentication server (503) to be tested;
    a first capturing module configured to capture a roaming certificate authentication response message sent by the authentication server to be tested;
    a first comparison module configured to perform comparative analysis to determine whether field information in the roaming certificate authentication response message is consistent with the locally stored respective information; and
    a first display module configured to display that the authentication server (503) to be tested is tested successfully in a case that all the field information in the first comparison module is consistent with the locally stored respective information; otherwise, the first display module displays comparative analysis information.
  10. The system according to claim 7, wherein in a case that the authentication server to be tested is configured to be an access authentication server, the monitoring and processing unit comprises:
    a second constructing module configured to construct and send a certificate authentication request message to the authentication server (503) to be tested;
    a second capturing module configured to capture a roaming certificate authentication request message sent by the authentication server (503) to be tested;
    a second comparison module configured to perform comparative analysis to determine whether the roaming certificate authentication request message is consistent with the locally stored respective information;
    a third constructing module configured to construct and send a roaming certificate authentication response message to the authentication server to be tested in a case that all the field information in the second comparison module is consistent with the locally stored respective information;
    a third capturing module configured to capture a certificate authentication response message sent by the authentication server to be tested;
    a third comparison module configured to perform comparative analysis to determine whether field information in the certificate authentication response message is consistent with the locally stored respective information; and
    a second display module configured to display that the authentication server (503) to be tested is tested successfully in a case that all the field information in the third comparison module is completely consistent with the locally stored respective information; otherwise, the second display module displays comparative analysis information.
  11. The system according to claim 7, wherein in a case that the authentication server to be tested is configured to be a center authentication server, the monitoring and processing unit comprises:
    a fourth constructing module configured to construct and send a roaming certificate authentication request message to the authentication server (503) to be tested;
    a fourth capturing module configured to capture a roaming certificate authentication request message sent by the authentication server (503) to be tested;
    a fourth comparison module configured to perform comparative analysis to determine whether field information in the captured roaming certificate authentication request message is consistent with the locally stored respective information;
    a fifth constructing module configured to construct and send a roaming certificate authentication response message to the authentication server (503) to be tested in a case that all the field information in the fourth comparison module is consistent with the locally stored respective information;
    a fifth capturing module configured to capture a roaming certificate authentication response message sent by the authentication server (503) to be tested;
    a fifth comparison module configured to perform comparative analysis to determine whether field information in the captured roaming certificate authentication response message is consistent with the locally stored respective information; and
    a third display module configured to display that the authentication server to be tested is tested successfully in a case that all the field information in the fifth comparison module is consistent with the locally stored respective information; otherwise, the third display module displays comparative analysis information.
  12. The system according to any one of claims 7 to 11, wherein the server (503) to be tested comprises a module configured to install a certificate of the monitor console in a case that the monitor console tests the authentication server (503) to be tested.
EP14845212.1A 2013-09-17 2014-07-30 Authentication server testing method and system Active EP3048757B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310425993.2A CN103442383B (en) 2013-09-17 2013-09-17 A kind of method of testing of authentication server and system
PCT/CN2014/083280 WO2015039498A1 (en) 2013-09-17 2014-07-30 Authentication server testing method and system

Publications (3)

Publication Number Publication Date
EP3048757A1 EP3048757A1 (en) 2016-07-27
EP3048757A4 EP3048757A4 (en) 2016-09-21
EP3048757B1 true EP3048757B1 (en) 2019-06-26

Family

ID=49696035

Family Applications (1)

Application Number Title Priority Date Filing Date
EP14845212.1A Active EP3048757B1 (en) 2013-09-17 2014-07-30 Authentication server testing method and system

Country Status (6)

Country Link
US (1) US10069816B2 (en)
EP (1) EP3048757B1 (en)
JP (1) JP6220075B2 (en)
KR (1) KR101816463B1 (en)
CN (1) CN103442383B (en)
WO (1) WO2015039498A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103442383B (en) 2013-09-17 2016-05-25 西安西电捷通无线网络通信股份有限公司 A kind of method of testing of authentication server and system
CN104009889B (en) * 2014-06-10 2017-04-26 西安西电捷通无线网络通信股份有限公司 Communication protocol testing method and tested equipment and testing platform of communication protocol testing method
CN114679402B (en) * 2022-03-25 2024-05-14 武汉联影智融医疗科技有限公司 Method and device for testing communication protocol between upper computer and lower computer of medical robot

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100389555C (en) 2005-02-21 2008-05-21 西安西电捷通无线网络通信有限公司 An access authentication method suitable for wired and wireless network
CN100448239C (en) * 2006-02-28 2008-12-31 西安西电捷通无线网络通信有限公司 Method for testing safety switch-in protocol conformity to identify service entity and system thereof
CN100369446C (en) * 2006-02-28 2008-02-13 西安西电捷通无线网络通信有限公司 Method for testing safety switch-in protocol conformity of turn-on point and system thereof
CN100496052C (en) * 2006-02-28 2009-06-03 西安西电捷通无线网络通信有限公司 Method and system for testing safety access protocol conformity of network terminal
JP2009181358A (en) * 2008-01-30 2009-08-13 Duaxes Corp Testing device
CN100593936C (en) * 2008-05-09 2010-03-10 西安西电捷通无线网络通信有限公司 Roaming authentication method based on WAPI
CN101431517B (en) * 2008-12-08 2011-04-27 西安西电捷通无线网络通信股份有限公司 Trusted network connection handshaking method based on ternary equity identification
CN103442383B (en) * 2013-09-17 2016-05-25 西安西电捷通无线网络通信股份有限公司 A kind of method of testing of authentication server and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None *

Also Published As

Publication number Publication date
CN103442383A (en) 2013-12-11
KR101816463B1 (en) 2018-01-08
US10069816B2 (en) 2018-09-04
US20160205090A1 (en) 2016-07-14
EP3048757A4 (en) 2016-09-21
EP3048757A1 (en) 2016-07-27
JP2016533138A (en) 2016-10-20
JP6220075B2 (en) 2017-10-25
CN103442383B (en) 2016-05-25
KR20160052662A (en) 2016-05-12
WO2015039498A1 (en) 2015-03-26

Similar Documents

Publication Publication Date Title
KR101017312B1 (en) Method and device for testing conformity of secure access protocol at access point
KR100981465B1 (en) Method and device for secure access protocol conformance testing on authentication service entity
EP3902012A1 (en) Fault diagnostic method and apparatus, and vehicle
EP3048759B1 (en) Fault diagnosis method, device and system
JP5866030B2 (en) System and method for authentication
US20140281480A1 (en) Systems and methods for providing secure communication
CN111555920B (en) Intelligent operation and maintenance method, system, equipment and user side
EP3048757B1 (en) Authentication server testing method and system
CN104580141A (en) Method and apparatus for detecting unauthorized access point
CN102905256B (en) Security assessment method for wireless local area network card based on penetration test
CN114928843A (en) Pseudo base station defense method and device, communication equipment and readable storage medium
CN107529165B (en) The recognition methods of wireless access points legitimacy under a kind of Campus Net
CN100496052C (en) Method and system for testing safety access protocol conformity of network terminal
JP2016533138A5 (en)
JP2015170220A (en) Equipment authentication method and equipment authentication system
US20230164139A1 (en) Automatic discovery of access point controller
JP2014186703A (en) Authentication apparatus and authentication method
WO2023129730A1 (en) Remotely accessing an endpoint device using a distributed systems architecture
CN105743923A (en) Method for verifying whether shoes are quality products or not by utilizing mobile phone

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20160314

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

A4 Supplementary search report drawn up and despatched

Effective date: 20160824

RIC1 Information provided on ipc code assigned before grant

Ipc: H04W 84/12 20090101ALN20160818BHEP

Ipc: H04L 29/06 20060101AFI20160818BHEP

Ipc: H04W 12/06 20090101ALI20160818BHEP

DAX Request for extension of the european patent (deleted)
REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 602014049222

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0012240000

Ipc: H04L0029060000

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 29/06 20060101AFI20181219BHEP

Ipc: H04L 12/26 20060101ALI20181219BHEP

Ipc: H04W 12/06 20090101ALI20181219BHEP

Ipc: H04W 84/12 20090101ALN20181219BHEP

INTG Intention to grant announced

Effective date: 20190118

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 1149632

Country of ref document: AT

Kind code of ref document: T

Effective date: 20190715

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602014049222

Country of ref document: DE

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20190626

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190926

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190927

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190926

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 1149632

Country of ref document: AT

Kind code of ref document: T

Effective date: 20190626

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191028

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191026

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20190731

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20190731

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20190730

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20190731

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20190731

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200224

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602014049222

Country of ref document: DE

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG2D Information on lapse in contracting state deleted

Ref country code: IS

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20190730

26N No opposition filed

Effective date: 20200603

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20140730

Ref country code: MT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 602014049222

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0029060000

Ipc: H04L0065000000

REG Reference to a national code

Ref country code: DE

Ref legal event code: R084

Ref document number: 602014049222

Country of ref document: DE

REG Reference to a national code

Ref country code: GB

Ref legal event code: 746

Effective date: 20211222

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190626

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20230721

Year of fee payment: 10

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20230726

Year of fee payment: 10

Ref country code: DE

Payment date: 20230719

Year of fee payment: 10